Bug 38594

Summary: Error reading request body, error code 70007: The timeout specified has expired
Product: Apache httpd-2 Reporter: Paul Lewandowski <Paul.Lewandowski>
Component: Other ModulesAssignee: Apache HTTPD Bugs Mailing List <bugs>
Status: CLOSED INVALID    
Severity: normal Keywords: ErrorMessage
Priority: P2    
Version: 2.0.47   
Target Milestone: ---   
Hardware: Other   
OS: AIX   

Description Paul Lewandowski 2006-02-09 16:35:55 UTC
We are running IBM_HTTP_Server/2.0.47.1-PK07831 Apache/2.0.47 (Unix).  We are 
in the process of implementing mod_security for the first time to prevent cross-
site scripting and in about 1 in 10 times of serving up a page (happens with 
several pages, non-ssl involving POST calls) you will get the following error 
in the error_log: 

[Thu Feb 09 08:57:58 2006] [error] [client 10.2.140.218] mod_security: Access 
denied with code 404. Error reading request
 body, error code 70007: The timeout specified has expired 
[hostname "esws001a.kohls.com"] [uri "/products/product_page_v
anilla3.jsp"] [unique_id "xLSchgoBvuUAAJnmWMcAAAA2"]

Here is one of several sample entries from the access_log that correlates with 
the above error (note that this was about 300 sec. earlier):

10.2.140.218 - - [09/Feb/2006:08:52:58 -
0600] "POST /products/product_page_vanilla3.jsp HTTP/1.1" 404 
349 "http://esws001
a.kohls.com/products/product_page_vanilla3.jsp" "Mozilla/4.0 (compatible; MSIE 
6.0; Windows NT 5.0; T312461)""SignOnDefau
lt=GUEST; kSufsaCount=0; CookiesONOFF=ON; 
kohls_customer_satisfaction_invitation=reject; webiq_invitation=reject; JSESSIO
NID=0000GAVWMBE00SRYZ4RHBJYBH5Y:tvcjhf84; 231Lottery=yes; 
cmRS=&t1=1139496768532&t2=1139496768572&t3=1139496778376&t4=113
9496768272&fti=1139496778376&fn=keyword_dept_search%3A0%3Badd_to_cart%3A1%
3B&ac=0:S&fd=&uer=&fu=/products/product_page_va
nilla3.jsp&pi=&ho=test.coremetrics.com/cm%3F&ci=90086977&ul=http%
3A//esws001a.kohls.com/products/product_page_vanilla3.js
p&rf=http%3A//esws001a.kohls.com/products/product_page_vanilla3.jsp"

Along with implementing mod_security we have also upgraded HTTP Server from 
1.3.19 to 2.0.47.1 and have upgraded AIX 4.3.3 to AIX 5.2.0.7.

Any suggestions are welcome.  Please let me know if you need any additional 
information.

Thanks.

Paul
Comment 1 Paul Lewandowski 2006-02-09 16:38:49 UTC
Mod security is version 1.9.1

Here is the entry from the plugin.log file:

[Thu Feb 09 07:03:07 2006] [notice] mod_security/1.9.1 configured
Comment 2 Jeff Trawick 2006-02-09 17:09:55 UTC
IBM HTTP Server is not supported here.  Neither are any other Apache-based
web servers, which are supported by their respective vendors.

mod_security is not supported here either, though I couldn't say if this has
anything to do with mod_security (or even the web server, for that matter).